Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eroway.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eroway.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kanpure.com
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
GET / HTTP/1.1
Host: kanpure.com
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: kanpure.com
Referer: http://www.google.com/search?q=kanpure.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kanpure.com
Referer: http://www.google.com/search?q=kanpure.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://eroway.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 07:51:03 GMT Location: http://www.eroway.com/ Server: nginx/1.6.0 Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.eroway.com/ | 200 OK Content-Length: 155470 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: bigsexporn.com ...[1639 bytes skipped]... > <script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=xa-4ec393b95918667e"></script> <!-- AddThis Button END --> </div> <h1 class="logo"><a href="/">Ero Way</a></h1> <div class="list-box"> <ul class="list"> <li><a href="/ftt2/o.php?l=toplist&perm=bigsexporn.com" target='_blank'>Big Sex Porn</a></li> <li><a href="/ftt2/o.php?l=toplist&perm=coolxnxx.com" target='_blank'>COOL XNXX</a></li> <li><a href="/ftt2/o.php?l=toplist&perm=yourhotporn.com" target='_blank'>Your Hot Porn</a></li> </ul> <ul class="list"> <li><a href="/ftt2/o.php?l=topblank'>96. Rumba Porno</a></li&g ...[2487 bytes skipped]... | ||
http://www.eroway.com/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://ads.adamoads.com/adspot.php?id=1209 | 200 OK Content-Length: 727 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/151072.js | 200 OK Content-Length: 1555 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/151073.js | 200 OK Content-Length: 1553 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/151068.js | 200 OK Content-Length: 16316 Content-Type: application/javascript | clean |
http://cdn.reporo.net/jsbanner.js | 200 OK Content-Length: 836 Content-Type: application/x-javascript | clean |
http://eroway.com/ftt2/o.php?l=toplist&perm=bigsexporn.com | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 07:51:07 GMT Location: http://www.eroway.com/ftt2/o.php?l=toplist&perm=bigsexporn.com Server: nginx/1.6.0 Content-Length: 274 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.eroway.com/ftt2/o.php?l=toplist&perm=bigsexporn.com | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Sun, 21 Sep 2014 07:51:08 GMT Pragma: no-cache Location: http://bigsexporn.com/ Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html Set-Cookie: ftt2=YTo1OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtzOjE6IjAiO3M6MToicyI7czoyOiJzZSI7czoxOiJ2IjthOjE6e2k6MDtzOjQ6IjY4NDUiO31zOjI6ImNjIjtzOjE6IjAiO30%3D; expires=Mon, 22-Sep-2014 07:51:08 GMT; Max-Age=86400; path=/; domain=.eroway.com X-Powered-By: PHP/5.5.12 | malicious |
http://bigsexporn.com/ | 200 OK Content-Length: 150479 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hotbigtube.com <!DOCTYPE html>
<html> <head> <meta charset="utf-8" /> <!--[if lt IE 9]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]--> <title>Big Sex Porn Tube Videos Search Engine For Free</title> <meta name="keywords" content="Sex Tube, Porn Videos, XXX Movies, Free Porn, Fuck Clips, Adult Films" /> <meta name="descript ...[4650 bytes skipped]... | ||
http://bigsexporn.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 07:51:09 GMT Location: http://xnxtube.com/move.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://xnxtube.com/move.html | 200 OK Content-Length: 351 Content-Type: text/html | clean |
http://xnxtube.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 07:51:10 GMT Location: http://xnxtube.com/move.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://eroway.com/jsa/RP6tBQUQrpmv.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
http://eroway.com/ftt2/o.php?l=toplist&perm=coolxnxx.com | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 07:51:11 GMT Location: http://www.eroway.com/ftt2/o.php?l=toplist&perm=coolxnxx.com Server: nginx/1.6.0 Content-Length: 272 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.eroway.com/ftt2/o.php?l=toplist&perm=coolxnxx.com | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Sun, 21 Sep 2014 07:51:11 GMT Pragma: no-cache Location: http://coolxnxx.com/ Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html Set-Cookie: ftt2=YTo1OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtzOjE6IjAiO3M6MToicyI7czoyOiJzZSI7czoxOiJ2IjthOjI6e2k6MTtpOjY4NDU7aToyO3M6NDoiNzQzNiI7fXM6MjoiY2MiO3M6MToiMCI7fQ%3D%3D; expires=Mon, 22-Sep-2014 07:51:11 GMT; Max-Age=86400; path=/; domain=.eroway.com X-Powered-By: PHP/5.5.12 | clean |
http://coolxnxx.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 07:51:11 GMT Location: http://coolxnxx.com/en/ Server: nginx/1.5.10 Content-Type: text/html X-Powered-By: PHP/5.4.31 | clean |
http://coolxnxx.com/en/ | 200 OK Content-Length: 163193 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: sextraces.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en"> <head> <title>Cool XNXX</title> <meta name="description" content='' /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="Content-Language" content="en" /> <link rel="canonical" hr ...[4221 bytes skipped]... | ||
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://eroway.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 07:51:14 GMT Location: http://www.eroway.com/s7.addthis.com/js/300/addthis_widget.js/ Server: nginx/1.6.0 Content-Length: 270 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.eroway.com/s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 539 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js | 200 OK Content-Length: 93057 Content-Type: text/javascript | clean |